From: Joe Murray <joe.murray@jmaconsulting.biz>
Date: Fri, 8 Jan 2016 22:20:07 +0000 (-0500)
Subject: Added a todo
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=577a782fe9af6c887c83025ad9d7e6a3af52cc9d;p=civicrm-core.git

Added a todo
---

diff --git a/CRM/Utils/SQL/Select.php b/CRM/Utils/SQL/Select.php
index a45bfa5729..e130e57994 100644
--- a/CRM/Utils/SQL/Select.php
+++ b/CRM/Utils/SQL/Select.php
@@ -464,6 +464,7 @@ class CRM_Utils_SQL_Select implements ArrayAccess {
             $parts = array_map(array($select, 'escapeString'), $values);
             return implode(', ', $parts);
 
+          // TODO: ensure all uses of this un-escaped literal are safe
           case '!':
             return implode(', ', $values);